AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 08:14:58 +03:00
Code Releases Activity

OpenVPN: Add packet scrambling/obfuscation feature

Browse Source 
This allows an OpenVPN client to bypass a firewall which is aware of the protocol and is able to block it.
The XOR mask set on the server has to be the same on the client, otherwise it will not be able to connect with certain obfuscation modes.
A special OpenVPN client built with the "XOR patch" is required in order to use this function, because it has never been merged in the official OpenVPN repository.

Two parameters are added to the server configuration: "OpenVPNObfuscationMethod" and "OpenVPNObfuscationMask".
Their value can be retrieved with "OpenVpnObfuscationGet" and set with "OpenVpnObfuscationEnable" in the VPN Command Line Management Utility.
This commit is contained in:
Davide Beatrici
2018-11-12 22:32:37 +01:00
parent 25c99a7e04
commit 6a45921f41
14 changed files with 566 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/Cedar/Server.c
View File

@ -154,6 +154,9 @@ void SiSetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c)
NormalizeIntListStr(s->OpenVpnServerUdpPorts, sizeof(s->OpenVpnServerUdpPorts),
c->OpenVPNPortList, true, ", ");
s->Cedar->OpenVPNObfuscation = c->OpenVPNObfuscation;
StrCpy(s->Cedar->OpenVPNObfuscationMask, sizeof(s->Cedar->OpenVPNObfuscationMask), c->OpenVPNObfuscationMask);
// Apply the OpenVPN configuration
if (s->OpenVpnServerUdp != NULL)
{
@ -194,6 +197,9 @@ void SiGetOpenVPNAndSSTPConfig(SERVER *s, OPENVPN_SSTP_CONFIG *c)
}
StrCpy(c->OpenVPNPortList, sizeof(c->OpenVPNPortList), s->OpenVpnServerUdpPorts);
c->OpenVPNObfuscation = s->Cedar->OpenVPNObfuscation;
StrCpy(c->OpenVPNObfuscationMask, sizeof(c->OpenVPNObfuscationMask), s->Cedar->OpenVPNObfuscationMask);
}
Unlock(s->OpenVpnSstpConfigLock);
}
@ -2569,6 +2575,8 @@ void SiLoadInitialConfiguration(SERVER *s)
ToStr(c.OpenVPNPortList, OPENVPN_UDP_PORT);
}
c.OpenVPNObfuscation = false;
SiSetOpenVPNAndSSTPConfig(s, &c);
{
@ -6000,6 +6008,16 @@ void SiLoadServerCfg(SERVER *s, FOLDER *f)
config.EnableSSTP = !s->DisableSSTPServer;
StrCpy(config.OpenVPNPortList, sizeof(config.OpenVPNPortList), tmp);
config.OpenVPNObfuscation = CfgGetBool(f, "OpenVPNObfuscation");
if (CfgGetStr(f, "OpenVPNObfuscationMask", tmp, sizeof(tmp)))
{
if (IsEmptyStr(tmp) == false)
{
StrCpy(config.OpenVPNObfuscationMask, sizeof(config.OpenVPNObfuscationMask), tmp);
}
}
SiSetOpenVPNAndSSTPConfig(s, &config);
if (s->ServerType == SERVER_TYPE_FARM_MEMBER)
@ -6271,6 +6289,9 @@ void SiWriteServerCfg(FOLDER *f, SERVER *s)
SiGetOpenVPNAndSSTPConfig(s, &config);
CfgAddStr(f, "OpenVPN_UdpPortList", config.OpenVPNPortList);
CfgAddBool(f, "OpenVPNObfuscation", config.OpenVPNObfuscation);
CfgAddStr(f, "OpenVPNObfuscationMask", config.OpenVPNObfuscationMask);
}
// WebTimePage